Text to Song

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This appears to be a straightforward MakebestMusic integration, but users should note that it sends an API key and song prompts to an external service and has some metadata/path inconsistencies.

Install only if you trust the MakebestMusic integration and are comfortable sending song prompts and your API key to its API. Keep MBM_API_BASE unset unless you know why you need it, and verify the installed skill path because the registry slug and SKILL.md name/path do not fully match.

Static analysis

Env credential access

Critical
Finding
Environment variable access combined with network send.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI03: Identity and Privilege Abuse
Low
What this means

Using this skill may consume the user's MakebestMusic account credits or quota and depends on keeping the API key private.

Why it was flagged

The skill uses the configured apiKey as a Bearer token for provider API calls. This is expected for generating music, but it gives the skill access to the user's MakebestMusic account/API quota.

Skill content
const API_KEY = process.env.apiKey; ... Authorization: `Bearer ${API_KEY}`
Recommendation

Use a dedicated MakebestMusic API key if possible, monitor usage, and rotate the key if you suspect it was exposed.

ASI02: Tool Misuse and Exploitation
Low
What this means

The agent will run the included scripts to send song descriptions to the music-generation service.

Why it was flagged

The skill instructs the agent to run a local Node script with the user's prompt. This is purpose-aligned, but it is still a command execution path.

Skill content
node ~/.openclaw/workspace/skills/text-to-music/scripts/generate.js "<prompt>" <instrumental>
Recommendation

Invoke it only for intended music-generation requests and avoid putting private or sensitive information in song prompts.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

It may be harder to verify the publisher or troubleshoot installation/path issues.

Why it was flagged

The registry metadata lacks a source or homepage, and its slug and version (text-to-song, 1.0.0) differ from the SKILL.md frontmatter name, version and documented path, which say text-to-music and version 1.2.0.

Skill content
Source: unknown; Homepage: none; Slug: text-to-song; Version: 1.0.0
Recommendation

Confirm the skill publisher and make sure the configured command path points to the installed scripts before relying on it.

ASI03: Identity and Privilege Abuse
Medium
What this means

If MBM_API_BASE is set to an untrusted endpoint, the user's API key could be sent somewhere other than MakebestMusic.

Why it was flagged

The API destination can be changed by an undocumented MBM_API_BASE environment variable while still sending the user's Bearer token.

Skill content
const API_BASE = process.env.MBM_API_BASE || "https://api.makebestmusic.com"; ... Authorization: `Bearer ${API_KEY}`
Recommendation

Leave MBM_API_BASE unset unless you intentionally use a trusted MakebestMusic-compatible endpoint.